Top10 publishers:
bobrov107 
sp1d3rs54 
jobert41 
bigbear_38 
bl4de37 
guido37 Twitter
isox36 
4lemon35 
geeknik35 
edio34 

the unofficial HackerOne disclosure timeline.

X
MariaDB disclosed a bug submitted by s_p_q_r 
[downloads.mariadb.org] CRLF injection in case of encoded query mark
14 Feb 2019 timeline
WordPress disclosed a bug submitted by simonscannell 
Logic flaw in the Post creation process allows creating posts with arbitrary types without needing the corresponding nonce
14 Feb 2019 timeline
Brave Software disclosed a bug submitted by hackthedevil 
DMARC RECORD MISSING
13 Feb 2019 timeline
Dovecot disclosed a bug submitted by halfdog 
Username restriction bypass with SSL client authentication
13 Feb 2019 timeline
Mail.ru disclosed a bug submitted by kushal89shah 
[FG-VD-17-115] Mail.ru's Amigo Browser DLL Pre-Loading Vulnerability Notification
12 Feb 2019 timeline
Twitter disclosed a bug submitted by ameerpornillos 
Information Exposure Through Directory Listing vulnerability on 8 vcache**.usw2.snappytv.com websites
11 Feb 2019 timeline
Twitter disclosed a bug submitted by cris-staicu 
Tracking of users on third-party websites using the Twitter cookie, due to a flaw in authenticating image requests
08 Feb 2019 timeline
Starbucks disclosed a bug submitted by karthik87mit 
Password Change not notified when changed from settings
08 Feb 2019 timeline
Starbucks disclosed a bug submitted by apapedulimu 
Missing CSRF Token On Remove Coupun From Cart
08 Feb 2019 timeline
GitLab disclosed a bug submitted by urztruzchitrz 
Guests Will Disclose the Private Project Full Activity Via Project Activity Feeds
08 Feb 2019 timeline
Uber disclosed a bug submitted by appsecure_in 
Client secret, server tokens for developer applications returned by internal API
08 Feb 2019 timeline
PayPal disclosed a bug submitted by alexbirsan 
XSSI on refer.xoom.com allows stealing email addresses and posting to Twitter on behalf of victim
07 Feb 2019 timeline
PayPal disclosed a bug submitted by bagipro 
[Venmo Android] Remote theft of user session
07 Feb 2019 timeline
PayPal disclosed a bug submitted by bagipro 
[PayPal Android] Remote theft of user session using push_notification_webview deeplink
07 Feb 2019 timeline
Node.js third-party modules disclosed a bug submitted by skyn3t 
[serve] Access unlisted internal files/folders revealing sensitive information
07 Feb 2019 timeline
Twitter disclosed a bug submitted by bywalks 
[dev.twitter.com] XSS and Open Redirect Protection Bypass
07 Feb 2019 timeline
U.S. Dept Of Defense disclosed a bug submitted by archang31 
Information Disclosure (can access all Army HRC RFOs) within AIM view RFO Portal
06 Feb 2019 timeline
Ubiquiti Networks disclosed a bug submitted by csiete 
UBNT Amplification DDOS Attack
06 Feb 2019 timeline
Mail.ru disclosed a bug submitted by lincoln9932 
??????????? ????? ?? ????? ??????? https://pandao.ru/
06 Feb 2019 timeline
GitLab disclosed a bug submitted by jaykpatel 
gitter.im virtually authentication bypass by abusing authorizing callback?code
04 Feb 2019 timeline
1 ... 3 4 5 6 7 ... 327
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM